diff options
| author | root | 2014-02-17 18:41:58 +0100 |
|---|---|---|
| committer | root | 2014-02-17 18:41:58 +0100 |
| commit | 305e2b7c55ffd24a156f5788388e6d4ed2daea14 (patch) | |
| tree | 62e44e22b04f7270f8d20b9216a576f0844df6f7 /www/invite.php | |
| parent | 859cd34c42c3df72dcd20ab09d508108b5be4865 (diff) | |
| download | files.iamfabulous.de-305e2b7c55ffd24a156f5788388e6d4ed2daea14.tar.gz | |
handles most of the database stuff
Diffstat (limited to 'www/invite.php')
| -rw-r--r-- | www/invite.php | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/www/invite.php b/www/invite.php new file mode 100644 index 0000000..4a055e3 --- /dev/null +++ b/www/invite.php @@ -0,0 +1,67 @@ +<? + +session_start(); + +if($_SERVER['REQUEST_METHOD'] == 'POST') { + $name=$_SESSION["username"]; + $safe_name = SQLite3::escapeString("$name"); + + $email=$_POST["email"]; + $safe_email=SQLite3::escapeString("$email"); + + $db = new SQLite3("../database/sqlite.db"); + + $invite_db = $db->query("SELECT invites FROM user WHERE name='$safe_name';"); + $invite_ar = $invite_db->fetchArray(SQLITE3_NUM); + $invite = $invite_ar[0]; + + if($invite > 0){ + +/*Generates the invite key*/ + + $key_array = array("a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v", "w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "_", "-", "0", "1", "2", "3", "4", "5", "6", "7", "8", "9" ); + + $length = count($key_array); + $key = ""; + + for ($i=0;$i<11;$i++){ + $index = mt_rand(0,$length-1); + $key = "$key".$key_array[$index]; + } + + $id_db = $db->query("SELECT id FROM USER WHERE name='$safe_name';"); + $id_ar = $id_db->fetchArray(SQLITE3_NUM); + $id = $id_ar[0]; + +/*Generates the new user and decrease the invites*/ + + $invite = $invite - 1; + + echo "ID: '$id', KEY: '$key', SAFE_EMAIL: '$safe_email'"; + +// $db->exec("INSERT INT0 user (id, name, senpai, key, status, email) VALUES (NULL, '$id', '$key', 0, '$safe_email');"); +// $db->exec("UPDATE user SET invites='$invite' WHERE id='$id';"); + if($db->exec("INSERT INTO user (id, name, senpai, key, status, email) VALUES (NULL, NULL, '$id', '$key', 0, '$safe_email');") && $db->exec("UPDATE user SET invites='$invite' WHERE id='$id';")) + { + header("Refresh: 0; /invite?reason=success"); + } else { + header("Refresh: 0; /invite?reason=database"); + } + + } else { + header("Refresh: 0; /invite?reason=invites"); + } +} else { + foreach ($_GET as $name => $value) { + echo 'Name: ' . $name . ' Value: ' . $value . '<br />'; + } + + echo "Hallo $name + <form method='post' action='/invite.php'> + <p> E-Mail: <input type='text' name='email'></p> + <input type='hidden' name='username' value='$_SESSION[username]'> + <input type='submit' name='submit' value='invite'> + </form>"; + + echo "ENDE"; +} |